{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T14:28:04.861","vulnerabilities":[{"cve":{"id":"CVE-2016-8440","sourceIdentifier":"security@android.com","published":"2017-01-12T20:59:00.857","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Possible buffer overflow in SMMU system call. Improper input validation in ADSP SID2CB system call may result in hypervisor memory overwrite. Product: Android. Versions: Kernel 3.18. Android ID: A-31625306. References: QC-CR#1036747."},{"lang":"es","value":"Posible desbordamiento de búfer en la llamada al sistema SMMU. La validación de entrada inadecuada en la llamada al sistema ADSP SID2CB podría resultar en una sobrescritura de la memoria del hipervisor. Producto: Android. Versiones: Kernel 3.18. ID de Android: A-31625306. Referencias: QC-CR#1036747."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":true,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*","matchCriteriaId":"364CAD86-F652-4B84-932A-A8D9146C9010"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/95227","source":"security@android.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://source.android.com/security/bulletin/2017-01-01.html","source":"security@android.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/95227","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://source.android.com/security/bulletin/2017-01-01.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}